Open Phillipus opened 4 months ago
The warning message first appears at this point:
And so, if it is possible to implement this, it will be in the native JNI code here:
Where is the main NSApplication
and NSApplicationDelegate
created? Is it here? And, if so, can applicationSupportsSecureRestorableState
be implemented to return true?
I first reported this issue in the SWT issue tracker, and then closed that one and opened it here because the warning message appearing at the bridge.showSplash
point. But after debugging with the -noSplash
option the warning message now appears immediately after this line in WorkbenchAdvisor
:
So I'm not sure whether to continue to trace this to SWT or Equinox. Or maybe both? Need to find out where the NSApplication
and NSApplicationDelegate
are created.
@HannesWell @HeikoKlare WDYT?
This JDK issue could be related: https://bugs.openjdk.org/browse/JDK-8318854
This JDK issue could be related: https://bugs.openjdk.org/browse/JDK-8318854
Yes, thanks for the link. They've implemented applicationSupportsSecureRestorableState
in their NSApplicationDelegate
for AWT.
I've been trying to figure out how to do the same in SWT. So far I've found some clues in the Display
class with no success at a solution:
I can add a applicationSupportsSecureRestorableState
method and selector but don't know where it can implemented to return a boolean.
So I'm not sure whether to continue to trace this to SWT or Equinox. Or maybe both? Need to find out where the
NSApplication
andNSApplicationDelegate
are created.@HannesWell @HeikoKlare WDYT?
I'm sorry, but I can't help much on this: I have only little knowledge about the C code itself and zero knowledge about Mac their API. Maybe @sravanlakkimsetti or @lshanmug can help?
So I'm not sure whether to continue to trace this to SWT or Equinox. Or maybe both? Need to find out where the
NSApplication
andNSApplicationDelegate
are created. HannesWell HeikoKlare WDYT?I'm sorry, but I can't help much on this: I have only little knowledge about the C code itself and zero knowledge about Mac their API. Maybe sravanlakkimsetti or lshanmug can help?
I am sorry, but unfortunately the same holds for me. I use a Mac only for validation purposes and for migrating changes I make for one OS (in particular Windows) to the others, but I have no knowledge about the system's APIs, the native SWT code etc.
Just from what I have seen so far, I would expect that SWT code is responsible for NSApplication
and NSApplicationDelegate
, but that's only a guess.
It turns out that this warning message is triggered in two places - SWT and Equinox. Both use a NSApplication
and so both need to implement applicationSupportsSecureRestorableState
in the delegate.
I've fixed the SWT case here but I can't fix the issue in the JNI code. I think this file needs to change.
The issue When running Eclipse or an RCP app on macOS Sonoma a warning message is written to the console:
eclipse[4647:170325] WARNING: Secure coding is not enabled for restorable state! Enable secure coding by implementing NSApplicationDelegate.applicationSupportsSecureRestorableState: and returning YES.
I've Googled this and it seems that this could lead to a vulnerabilty and needs to be addressed. For example see here:
https://stackoverflow.com/questions/77283578/sonoma-and-nsapplicationdelegate-applicationsupportssecurerestorablestate?rq=2
To Reproduce The only way to see this warning message is to run Eclipse on Mac Sonoma from the command line so the message is written to the console in the Terminal app:
Eclipse.app/Contents/MacOS/eclipse
Expected behavior The warning message should not appear.
Environment: macOS Sonoma 14.5 MacBook M2 aarch64 Temurin JDK 17.0.11+9 Eclipse 4.31 and latest 4.32 I builds